Developers tend do a poor job of implementing cryptography and other security measures in their systems. However, we as security people aren't doing very much to help them be successful. Often the primitives used are out of date and overlook very subtle flaws. These mistakes lead to systems that are hopelessly insecure despite our perception that we've build an impenetrable fortress. Fortunately there are a few tools and techniques at our disposal that can ease some of the pain. In this talk we'll get our laughs by exploring some of the most common pitfalls developers encounter with cryptography, but also try and restore some of our sanity.